I strongly don't think they are, because the ability to be invasive to the user with a native app is much higher. There is also a stronger financial incentive to do so since payments are easy.

And that's before we consider the much stronger user control presented by the open web. I can run an extension like uMatrix and take back control of my browser. On mobile now I can't even proxy and inspect the network requests that the apps are making without resorting to insane hackery tricks.

The more these things evolve, The more against native apps I am becoming.

Importantly, I think it's much more obvious what you're doing with a web app when you upload data. There's an erroneous belief when you're using native app that the data you provide to it never leaves the device. That might be the case, but even in cases where the native app isn't just a shim to do something through a service, there's little guarantee they aren't utilizing your data for their own purposes, legally (e.g. Adobe) or not.

This isn't unique to mobile vs desktop, but from my experience people use those different device types with different levels of care. It's possible app stores play into this by giving people an incorrect sense of security about aspects of application usage and updating that they don't actually provide.

There is a cost to a centralized app store that I never hear anybody talk about, which is that due to the perception of safety, it becomes a very juicy target for anybody that wants to distribute malware (or even just exploitative apps that e.g. charge $5 a week for a flashlight). If you can get over the wall, then you get access to a very lucrative market.

My personal hypothesis is this is the reason that app stores are filled with so much trash. The app store provides a mechanism of discoverability that would otherwise never be available to such apps.

And this then leads to what you're talking about, which is the stores actually feel less safe than the open web.